From ff08a320337c1e1cba8d9823a1431d9f8fbf6c1b Mon Sep 17 00:00:00 2001 From: Javier Rebagliatti Date: Fri, 14 Apr 2023 13:38:23 +0200 Subject: [PATCH 1/5] Bump System.Text.Json version to 5.0.2 due to CVE-2021-26701 --- build/Common.props | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Common.props b/build/Common.props index 7179ee4e35a..1e119b63ac4 100644 --- a/build/Common.props +++ b/build/Common.props @@ -49,7 +49,7 @@ [1.2.0-beta.435,2.0) 1.4.0 7.0.0 - 4.7.2 + 5.0.2 4.5.4 From 0d0c3eeac11ff741f7ed8c90b3956012eb0bf23e Mon Sep 17 00:00:00 2001 From: Javier Rebagliatti Date: Fri, 14 Apr 2023 13:48:24 +0200 Subject: [PATCH 2/5] Update changelogs --- src/OpenTelemetry.Exporter.Console/CHANGELOG.md | 3 +++ src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md | 3 +++ src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md | 3 +++ 3 files changed, 9 insertions(+) diff --git a/src/OpenTelemetry.Exporter.Console/CHANGELOG.md b/src/OpenTelemetry.Exporter.Console/CHANGELOG.md index 6d239cc9140..20d0ceb4c94 100644 --- a/src/OpenTelemetry.Exporter.Console/CHANGELOG.md +++ b/src/OpenTelemetry.Exporter.Console/CHANGELOG.md @@ -2,6 +2,9 @@ ## Unreleased +* Bumped the minimum required version of `System.Text.Json` to 5.0.2 in response +to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). + ## 1.5.0-alpha.2 Released 2023-Mar-31 diff --git a/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md b/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md index ef0f3ecad89..1a9336830f3 100644 --- a/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md +++ b/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md @@ -2,6 +2,9 @@ ## Unreleased +* Bumped the minimum required version of `System.Text.Json` to 5.0.2 in response +to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). + ## 1.5.0-alpha.2 Released 2023-Mar-31 diff --git a/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md b/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md index cacfedf8b04..62be702e93c 100644 --- a/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md +++ b/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md @@ -2,6 +2,9 @@ ## Unreleased +* Bumped the minimum required version of `System.Text.Json` to 5.0.2 in response +to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). + ## 1.5.0-alpha.2 Released 2023-Mar-31 From cfc259248c62ce07bd22f6344c9a9dbfdab31ce9 Mon Sep 17 00:00:00 2001 From: Javier Rebagliatti Date: Mon, 17 Apr 2023 11:58:36 +0200 Subject: [PATCH 3/5] Revert "Bump System.Text.Json version to 5.0.2 due to CVE-2021-26701" This reverts commit ff08a320337c1e1cba8d9823a1431d9f8fbf6c1b. --- build/Common.props | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Common.props b/build/Common.props index 1e119b63ac4..7179ee4e35a 100644 --- a/build/Common.props +++ b/build/Common.props @@ -49,7 +49,7 @@ [1.2.0-beta.435,2.0) 1.4.0 7.0.0 - 5.0.2 + 4.7.2 4.5.4 From a547e617cb2dcdcd7be8dc2a967c99847d9bc3a3 Mon Sep 17 00:00:00 2001 From: Javier Rebagliatti Date: Mon, 17 Apr 2023 12:11:38 +0200 Subject: [PATCH 4/5] Add direct reference to System.Text.Encodings.Web min version 4.7.2 --- build/Common.props | 1 + src/OpenTelemetry.Exporter.Console/CHANGELOG.md | 2 +- .../OpenTelemetry.Exporter.Console.csproj | 1 + src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md | 2 +- .../OpenTelemetry.Exporter.Jaeger.csproj | 1 + src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md | 2 +- .../OpenTelemetry.Exporter.Zipkin.csproj | 1 + 7 files changed, 7 insertions(+), 3 deletions(-) diff --git a/build/Common.props b/build/Common.props index 7179ee4e35a..a3c3e048d32 100644 --- a/build/Common.props +++ b/build/Common.props @@ -49,6 +49,7 @@ [1.2.0-beta.435,2.0) 1.4.0 7.0.0 + 4.7.2 4.7.2 4.5.4 diff --git a/src/OpenTelemetry.Exporter.Console/CHANGELOG.md b/src/OpenTelemetry.Exporter.Console/CHANGELOG.md index 20d0ceb4c94..de5b7b4f223 100644 --- a/src/OpenTelemetry.Exporter.Console/CHANGELOG.md +++ b/src/OpenTelemetry.Exporter.Console/CHANGELOG.md @@ -2,7 +2,7 @@ ## Unreleased -* Bumped the minimum required version of `System.Text.Json` to 5.0.2 in response +* Added direct reference to `System.Text.Encodings.Web` with minimum version of `4.7.2` in response to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). ## 1.5.0-alpha.2 diff --git a/src/OpenTelemetry.Exporter.Console/OpenTelemetry.Exporter.Console.csproj b/src/OpenTelemetry.Exporter.Console/OpenTelemetry.Exporter.Console.csproj index f67383e6b18..792ce7152df 100644 --- a/src/OpenTelemetry.Exporter.Console/OpenTelemetry.Exporter.Console.csproj +++ b/src/OpenTelemetry.Exporter.Console/OpenTelemetry.Exporter.Console.csproj @@ -16,6 +16,7 @@ + diff --git a/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md b/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md index 1a9336830f3..d67331cf589 100644 --- a/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md +++ b/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md @@ -2,7 +2,7 @@ ## Unreleased -* Bumped the minimum required version of `System.Text.Json` to 5.0.2 in response +* Added direct reference to `System.Text.Encodings.Web` with minimum version of `4.7.2` in response to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). ## 1.5.0-alpha.2 diff --git a/src/OpenTelemetry.Exporter.Jaeger/OpenTelemetry.Exporter.Jaeger.csproj b/src/OpenTelemetry.Exporter.Jaeger/OpenTelemetry.Exporter.Jaeger.csproj index 8744f50528a..179b1b2f84f 100644 --- a/src/OpenTelemetry.Exporter.Jaeger/OpenTelemetry.Exporter.Jaeger.csproj +++ b/src/OpenTelemetry.Exporter.Jaeger/OpenTelemetry.Exporter.Jaeger.csproj @@ -33,6 +33,7 @@ + diff --git a/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md b/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md index 62be702e93c..e5999907a23 100644 --- a/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md +++ b/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md @@ -2,7 +2,7 @@ ## Unreleased -* Bumped the minimum required version of `System.Text.Json` to 5.0.2 in response +* Added direct reference to `System.Text.Encodings.Web` with minimum version of `4.7.2` in response to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). ## 1.5.0-alpha.2 diff --git a/src/OpenTelemetry.Exporter.Zipkin/OpenTelemetry.Exporter.Zipkin.csproj b/src/OpenTelemetry.Exporter.Zipkin/OpenTelemetry.Exporter.Zipkin.csproj index f5d9deea5a7..b8232e7c153 100644 --- a/src/OpenTelemetry.Exporter.Zipkin/OpenTelemetry.Exporter.Zipkin.csproj +++ b/src/OpenTelemetry.Exporter.Zipkin/OpenTelemetry.Exporter.Zipkin.csproj @@ -28,6 +28,7 @@ + From f521bd55a59f79595ec47bc5ee12f7785911e27c Mon Sep 17 00:00:00 2001 From: Javier Rebagliatti Date: Mon, 17 Apr 2023 18:14:21 +0200 Subject: [PATCH 5/5] Fix markdownlint --- src/OpenTelemetry.Exporter.Console/CHANGELOG.md | 4 ++-- src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md | 4 ++-- src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/OpenTelemetry.Exporter.Console/CHANGELOG.md b/src/OpenTelemetry.Exporter.Console/CHANGELOG.md index de5b7b4f223..a19d0a8052a 100644 --- a/src/OpenTelemetry.Exporter.Console/CHANGELOG.md +++ b/src/OpenTelemetry.Exporter.Console/CHANGELOG.md @@ -2,8 +2,8 @@ ## Unreleased -* Added direct reference to `System.Text.Encodings.Web` with minimum version of `4.7.2` in response -to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). +* Added direct reference to `System.Text.Encodings.Web` with minimum version of +`4.7.2` in response to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). ## 1.5.0-alpha.2 diff --git a/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md b/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md index d67331cf589..785130c3f29 100644 --- a/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md +++ b/src/OpenTelemetry.Exporter.Jaeger/CHANGELOG.md @@ -2,8 +2,8 @@ ## Unreleased -* Added direct reference to `System.Text.Encodings.Web` with minimum version of `4.7.2` in response -to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). +* Added direct reference to `System.Text.Encodings.Web` with minimum version of +`4.7.2` in response to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). ## 1.5.0-alpha.2 diff --git a/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md b/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md index e5999907a23..52363af47cd 100644 --- a/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md +++ b/src/OpenTelemetry.Exporter.Zipkin/CHANGELOG.md @@ -2,8 +2,8 @@ ## Unreleased -* Added direct reference to `System.Text.Encodings.Web` with minimum version of `4.7.2` in response -to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). +* Added direct reference to `System.Text.Encodings.Web` with minimum version of +`4.7.2` in response to [CVE-2021-26701](https://github.com/dotnet/runtime/issues/49377). ## 1.5.0-alpha.2